Go to page

More options

From Emsisoft

I just wanted to give you a little Christmas present in form of a new component that you can test a bit earlier than anyone else if you want to. The next Emsisoft Anti-Malware release will include a new component we call "Emsisoft Browser Security".

Emsisoft Browser Security is a cloud-based browser extension for Firefox as well as Chrome. It is powered by the same database that also powers the Emsisoft Surf Protection. However, since it is part of the browser and has access to the actual URLs and the page content without breaking SSL, it can use a lot more advanced detections, which will greatly increase the detection of phishing websites in particular.

Unlike a lot of other cloud-based extensions, who will send any URL you visit in clear-text to a backend somewhere, we decided to make it a lot more privacy-conscious. So instead of URLs in plaintext, we only ever see hashes of parts of the URLs you visit, which we can't turn back into their readable form. Any processing that requires the entire URL, is done completely client-side, so the sites you visit never leave your browser.

From Emsisoft

Our URL database is multiple GB in size. It's unfortunately not feasible to have such a huge database deployed on our user's systems. So instead those hashes allow us to determine which bits of the database are relevant to you at the moment and only stream those to your browser, which can then determine whether or not the website you visit right now is bad or not.

So if you do visit a malicious website, we may be able to guess, because you query certain bits of our dataset that are specific to a certain malicious site. But we don't know for sure as hashes aren't unique and each hash has a potentially unlimited number of payloads that can have the same hash. For non-malicious websites, we will have absolutely no idea what you visit at all. All we see for those are some hashes, that don't lead to any data in our datasets.

Level 2

Hi, Neat extension. Other than being privacy-conscious, how does this extension differs from the competition? is this using pure cloud blacklist or will it have other features to detect zero day malicious websites not in the blacklist? How near real time is blacklist? How often is blacklist updated? Are you using multiple threat intelligence sources? https sites are scanned/inspected i figure? does it need EAM to be installed or can it be used stand alone?

From Emsisoft

VXVault usually lists payloads, not the websites that use those payloads (through an exploit kit for example). The extension mostly focuses on blocking the websites, not the payloads (or downloads). We may add checks for downloads as well in the future. However, at the moment the lack of Edge support for download events is preventing us from doing it. That may be a thing of the past with Microsoft moving to Chromium though soon.

From Emsisoft

They do slightly different things. Surf Protection in EAM checks every single request your browser (or any application on your system, browser or not) against the blacklist. The blacklist is comprised of only hostnames and IP ranges because those are the only information it has available without seriously invasive techniques that you don't want us to use as they lower your privacy and security. So it applies to downloads as well for example.

The browser extension checks the websites you visit in your browser. It has access to more information, so it can do more fine-grained filtering, but it is limited to websites (not downloads or requests) you visit in your browser only.

We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.